Wednesday, 30 May 2007

BBB Spear Phishing Trojan

Source: SecureWorks
This story has been reported on and off for a few days, but this source is the most informative to date. Someone has carefully crafted a list of executives at companies, then sent them a forged Better Business Bureau complaint, correctly personalised with the name and company of the executive. The aim of the phish is to install a trojan IE "browser helper object" which leaks all data submitted in all forms (regardless of SSL encryption) to the phisher.

No comments: